What did you do after CISSP?

Ertaz Member Posts: 934 ■■■■■□□□□□
It's been two weeks since I passed the exam. I've bounced around wondering what's next. I thought about CISA since the other folks in my department have it, but I'm not an auditor. I am patiently awaiting my GPEN SANS course. In the meantime, I wanted to do something self study, but I want to get some value out of it. C|EH is out because of EC council's shortcomings. I have thought about the CASP since it's more technical, but it seems like a step back. My goal is to pick up a broad skill set while doing vuln mgmt. I thought about doing the CCNA-Security or the Linux+ just to pass the time. What did you guys do as your next step? Were you satisfied with the result?

Comments

  • NotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    I recently finished CISSP and have now set my sights on OSCP - starting in a week. I'd look at CCNA-Sec or OSCP in your position.
    When you go the extra mile, there's no traffic.
  • gespenstern Member Posts: 1,243 ■■■■■■■■□□
    I did CEH so I can bash it knowing what I'm talking about, did ISSAP and Symantec DLP. Now I'm getting back to MCSE:Private cloud that I hope to get done before autumn, then I'll be doing OSCP and then OSCE and Red Hat certs, not sure about which would be the first... Another thought is ISSMP, not sure about ISSEP as it relies heavily on knowing various frameworks, standards and regulations which I don't like much... Yet another thought is CCSP, cloud is hot and maybe it would be the best from ROI standpoint.

    Symantec DLP seems to be a weird choice, rare cert, but surprisingly I get a lot of calls on contracts regarding "design and deploy DLP", at least one call each week. They aren't paid exactly well though ($60-80/hour which isn't that high considering contract length is usually 4-8 months and you have to move), but firms who do this charge a lot. I saw one quote on design, deployment and typical draft rule creation without much fine-tuning and it was around ~50k. All of this could be done I'd say in less than 100 hours of work of a specialist with good DLP knowledge and ability to interview business owners on what to watch for and how to design alerts and reports...
  • OctalDump Member Posts: 1,722
    OSCP, eLearnSecurity, Mile2 all have 'hands on' pen testing stuff, if that's what you are interested in. CEH is nice to have for the name and brand recognition, but is less hands on.

    CCNA Security could be useful if you are doing network defence or working in a Cisco context. You really need to go beyond CCNA to get 'useful' security understanding.

    Linux+ is not a very hands-on exam, a bit dry really. I'd suggest Linux Foundation or Red Hat. Certainly Linux skills are very, very useful in the Pen Testing world, with so many public facing services running on Linux.

    I'd suggest CASP only after you have some hands on with Linux/Windows/Networking/Firewalls etc. It does cover quite a breadth of technical areas, and although there is good overlap with CISSP, it is a different kind of exam for a different audience.

    The other thing which might be a good fit with vulnerability management is the CRISC. It could allow you to put things in a much more C-level context.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • RuleOf3 Member Posts: 14 ■■■□□□□□□□
    CEH sounds interesting. I keep hearing about it on Security Now and other podcasts, it seems like a hot certification! - Lisa
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    Things got a little weird here. They are being very particular about what cert they will reimburse me for next. I've submitted my reasoning for the CASP, and I will await feedback. If not, oh well, I'll just do it out of pocket.
  • 636-555-3226 Member Posts: 975 ■■■■■□□□□□
    I was fortunate enough to land a job at a place with a favorable training budget for security, so after CISSP I began tackling the SANS/GIAC curriculum. Figure out what specialization you want to learn more about and go for it.
  • Gess Member Posts: 144 ■■■□□□□□□□
    Mostly I've been waiting for my Endorser, and now ISC2. ;)
  • DeVanha Registered Users Posts: 1 ■□□□□□□□□□
    After CISSP I got CISA from ISACA. I wanted something more technical so I've started the OSCP. More technical being a huge understatement!
  • cwelber Member Posts: 38 ■■■□□□□□□□
    For me I'm taking the MSc (Masters of Cyber Security) Track, I'm two classes away and start my second to last class in a few weeks (CYS585 Digital Crime Prevention and Investigation), I think this is a good combo for an Infosec professional.

    Actually I have a creative side and I do some writing, play in a band (guitar, sing, write songs) and I'm a Buddhist. I really don't like operations or the 7:30 am to 5:30 pm grind very much so I'm hoping to get into more of a creative / infosec / Buddhist / Life Coaching / Cyber-Psychology role in the future (I know that's all over the place, so yes, I'm keeping my day job).

    I've been through a full security cycle at my current employer and have all the CompTIA + certs, CISSP and Cisco engineer too. My current employer has been good to me and I like the people, but it's a high stress law firm so I'm hoping to go part time at close to my current full time salary at some point in the future.

    Cert wise I'm not really motivated, but I'm not sure in my case the cert-race gets me closer to where I want to be. I think certs are awesome, but I also think experience rules and a person who can write a good academic paper in our field is good too.

    I admire people with a lot of certs because some of them like CISSP are really hard.

    Cheers!
  • Mike7 Member Posts: 1,107 ■■■■□□□□□□
    If you are interested in IT auditing, compliance, risk and information security policy, you can go for CISM first then CISA.
    There is some domain overlap between them, and doing all 3 helps reinforce the knowledge. I did all 3 within a year and also squeezed CSSLP in as I have application development experience.

    When you study the same topic multiple times for different certs, some of the knowledge gets "burned" into the brain permanently.
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    Well, I wanted to follow up on this thread after passing the CASP. Now I think my GPEN class will be in August at Dallas. I've done 3 certs in the past year of employment and I think that's a doable pace. Probably have GPEN/CGEIT/CCNA-Security by next fall.
  • ZzBloopzZ Member Posts: 192
    Congrats! Do you think the CASP was worth it? Did you learn anything new from it compared to when you were studying for the CISSP? If so, could you give some examples please.

    I still have not fully figured out what cert to go for next. Right now I have been working hard learning Linux properly.

    Thanks!
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    ZzBloopzZ wrote: »
    Congrats! Do you think the CASP was worth it? Did you learn anything new from it compared to when you were studying for the CISSP? If so, could you give some examples please.

    I still have not fully figured out what cert to go for next. Right now I have been working hard learning Linux properly.

    Thanks!

    You're going to think that English is not my first language after this post.

    For me, it was worth it. When I first saw the requirements of the exam I thought there would be maybe a 75% overlap between the two exams. After studying and passing both, I now put it at 40%. The CASP is less broad than the CISSP, but still a very broad exam in its own right. Where the CISSP wanted you to have a great understanding of TCSEC/ITSEC and Common Criteria from a general design/process perspective, the CASP was a technical exercise that wants you to understand storage, network and host security at the protocol and implementation level (iSCSI, FCoE, NAS, WAF, INE).

    The other key thing is that the CISSP was done from a wholly managerial mindset while the CASP prefers the technical answer in many cases. The CASP uses simulations, albeit greatly simplified versions, to get you to read log files and configure devices to stop the activity going on. Like the CISSP, there were many questions that required you to think about a complex problem and provide a holistic solution. There were also questions that I had to rely on experience for because they were only loosely alluded to in the text. If I hadn't been a UNIX/Linux admin in a prior life, I would probably be licking my wounds right about now. I recommend it as a professional development cert for non-operations folks to get a feel for how the policies you write are carried out by the folks on the front line. It probably won't get you a bigger paycheck, but the study and understanding of technologies that you may not administer regularly is worthwhile.
  • coffeeisgood Member Posts: 136 ■■■□□□□□□□
    After the CISSP, I picked up the book for the CISA ... exam is now 60 days away

    I enjoyed studying for the CISSP, the CISA has some overlap

    Not sure what will be after the CISA
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    coffeeisgood wrote: »
    After the CISSP, I picked up the book for the CISA ... exam is now 60 days away

    I enjoyed studying for the CISSP, the CISA has some overlap

    Not sure what will be after the CISA

    What other materials are you using? I started the Cybrary videos for CISA before I decided on CASP.
  • coffeeisgood Member Posts: 136 ■■■□□□□□□□
    Ertaz wrote: »
    What other materials are you using? I started the Cybrary videos for CISA before I decided on CASP.

    For the CISA only the official book so far. I am considering the official Q&A but hear over & over again that for $100/$130 there might be very little if not almost zero value (out of 1000 questions maybe 10 are related to the real exam). I might spend my coin (& mainly time) elsewhere. CBT Nuggets has a week free so I might start there.

    Why did you pick the CASP? On the job boards, CISA is the 2nd most requested (after CISSP) I see over & over again.... (at least for what I am looking at)
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    I went straight into GCIH.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • ZzBloopzZ Member Posts: 192
    coffeeisgood wrote: »
    After the CISSP, I picked up the book for the CISA ... exam is now 60 days away

    I enjoyed studying for the CISSP, the CISA has some overlap

    Not sure what will be after the CISA

    Why did you decide on the CISA, do you plan to be an auditor?
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    coffeeisgood wrote: »
    For the CISA only the official book so far. I am considering the official Q&A but hear over & over again that for $100/$130 there might be very little if not almost zero value (out of 1000 questions maybe 10 are related to the real exam). I might spend my coin (& mainly time) elsewhere. CBT Nuggets has a week free so I might start there.

    Why did you pick the CASP? On the job boards, CISA is the 2nd most requested (after CISSP) I see over & over again.... (at least for what I am looking at)

    I did it because I like the more technical aspect of it and no one in the company I'm working for has it (Lots of CISAs/CISSPs though). I was a Cisco certified security professional back in the day (Now called CCNP-Security by you whippersnappers), so the enterprise network architecture portion was a fun romp. Maybe I'll do CISA next year, but I'm really still exploring what I like most in security. GPEN looks like a lot of fun. From that I could go OSCP/CEH relatively quickly.
  • ZzBloopzZ Member Posts: 192
    Ertaz wrote: »
    I did it because I like the more technical aspect of it and no one in the company I'm working for has it (Lots of CISAs/CISSPs though). I was a Cisco certified security professional back in the day (Now called CCNP-Security by you whippersnappers), so the enterprise network architecture portion was a fun romp. Maybe I'll do CISA next year, but I'm really still exploring what I like most in security. GPEN looks like a lot of fun. From that I could go OSCP/CEH relatively quickly.

    FYI, another option to lead you towards OSCP is the eJPT. It is a hands-on pen testing cert that actually uses modern tools. Then from there you can go eCPPT and/or OSCP. I have the CEH and it was mostly theory based and older, outdated tools. I am still very disappointed that I spent $600 on it but at least it does help getting through HR as I do get contacted more since getting it.
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    ZzBloopzZ wrote: »
    FYI, another option to lead you towards OSCP is the eJPT. It is a hands-on pen testing cert that actually uses modern tools. Then from there you can go eCPPT and/or OSCP. I have the CEH and it was mostly theory based and older, outdated tools. I am still very disappointed that I spent $600 on it but at least it does help getting through HR as I do get contacted more since getting it.

    As far as the DOD/8570 is concerned the CEH is the Swiss army knife of certs.
    [image: 8570-cert-REV201510.jpg]
    I confirmed today that I will be able to sign up for GPEN in October! Pretty pumped about it.
  • beads Member Posts: 1,533 ■■■■■■■■■□
    Literally, left the testing room, went around the corner and into the bar at 10:40 in the morning. Testing took two and a half hours and probably another ten minutes to collect my stuff, turn-in my sheet and walk to the lobby.

    Graciously, I had the benefit of a paper test and a nearby bar.

    Pearson/Vue - bah!

    - b/eads
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    beads wrote: »
    Literally, left the testing room, went around the corner and into the bar at 10:40 in the morning. Testing took two and a half hours and probably another ten minutes to collect my stuff, turn-in my sheet and walk to the lobby.

    Graciously, I had the benefit of a paper test and a nearby bar.

    Pearson/Vue - bah!

    - b/eads

    Well, that makes sense. A bar on every corner because the Cubs drive you to drink.
  • ZzBloopzZ Member Posts: 192
    Thanks for sharing the Cert Roadmap! I find it really interesting because I thought I read somewhere that CompTIA's intentions were for the CASP to directly compete with the CISSP. However, in this roadmap by CompTIA themselves they have CASP as Advanced and then CISSP at the top under Expert.

    Also, it is interesting to see CEH considered as Advanced. I guess it does make sense as that is how HR tends to see it as well. I don't see CCSP on there. I wonder if they would consider it Advanced or Expert. CCSK they have as Advanced.
  • protacticus Member Posts: 91 ■■■□□□□□□□
    I think this CompTIA roadmap version is from 2014.
  • Gess Member Posts: 144 ■■■□□□□□□□
    https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf?sfvrsn=2 is a PDF from the 2016 Roadmap.

    https://certification.comptia.org/why-certify/roadmap is the 'interactive' version that might be easier to read.

    I printed the PDF and hung it in my office when I only had one cert (Sec+), I'll have to look it over again and see how much I've improved in three years.
  • ZzBloopzZ Member Posts: 192
    Gess wrote: »
    https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf?sfvrsn=2 is a PDF from the 2016 Roadmap.

    I printed the PDF and hung it in my office when I only had one cert (Sec+), I'll have to look it over again and see how much I've improved in three years.

    Thanks! Interesting how in this updated version they downgraded the CISSP from Expert to Advanced. They should put the higher CISSP concentrations under Expert.
  • jcundiff Member Posts: 486 ■■■■□□□□□□
    I went a slightly different route... after CISSP, I did CRISC, now doing BS ITSEC from WGU and then Master, and CISM
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • Ertaz Member Posts: 934 ■■■■■□□□□□
    jcundiff wrote: »
    I went a slightly different route... after CISSP, I did CRISC, now doing BS ITSEC from WGU and then Master, and CISM

    With qualifications like that I hear there is a board opening at UofL... :)